You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Hey guys, so I've been getting these java and adobe update popups for a really long time now, I've just usually ignored them (Stupid of me) but I feel as they are getting a lot more worse, they usually happen like almost everytime I try to watch something online such as an Anime, or a video. Could someone please kindly help me get this virus off my computer permenantly and along with some other viruses that may be on this computer?

Btw I'm very newbie at this stuff so if you could help me in a very noob-friendly way, that'd be awesome hehe.

I should also mention that my computer used to be a bit faster before too, so if you guys could just help me get rid of all the crap/viruses on this computer and could teach me how I can keep it virus-free for the future, that would be greatly appreciated.

Sorry one more thing, I have used my credit card to purchase some things online even today, so I hope none of that should be a problem, thanks for anyone that helps me out!

BC AdBot (Login to Remove)

Download Screen317 Security Check HERE and save it to your Desktop.* Double-click SecurityCheck.exe* Follow the onscreen instructions inside of the black box.* A Notepad document should open automatically called checkup.txt* Please post the contents of that document.Note:: If any security program requests permission to access the Internet, allow it to do so

Please download Farbar Service Scanner (FSS) HERE and run it on the computer with the issue.

Make sure the following options are checked: Internet Services Windows Firewall System Restore Security Center/Action Center Windows Update Windows Defender Other Services Press "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Please copy and paste the log to your reply.

Download Malwarebytes Anti-Rootkit HEREWarning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights. Double click on downloaded file. OK self extracting prompt. MBAR will start. Click "Next" to continue. Click in the following screen "Update" to obtain the latest malware definitions. Once the update is complete select "Next" and click "Scan". When the scan is finished and no malware has been found select "Exit". If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer. Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:"mbar-log-{date} (xx-xx-xx).txt" "system-log.txt"

First of all I want to say thank you so much for all the help, I've been looking for help for so long and nobody would help me. Much respect to you for that, especially with that long post you made for me. =)

Error: (11/16/2014 09:37:20 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 30.0.0.5269 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

System errors:
=============
Error: (11/15/2014 09:01:09 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/14/2014 07:47:58 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/14/2014 04:08:41 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/14/2014 03:01:38 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/14/2014 03:01:08 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (11/14/2014 03:01:07 PM) (Source: Service Control Manager) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (11/14/2014 03:01:07 PM) (Source: Service Control Manager) (User: )
Description: The USBS3S4Detection service terminated unexpectedly. It has done this 1 time(s).

Error: (11/14/2014 03:01:07 PM) (Source: Service Control Manager) (User: )
Description: The Updater Service service terminated unexpectedly. It has done this 1 time(s).

Error: (11/14/2014 03:01:07 PM) (Source: Service Control Manager) (User: )
Description: The Portrait Displays SDK Service service terminated unexpectedly. It has done this 1 time(s).

Error: (11/14/2014 03:01:07 PM) (Source: Service Control Manager) (User: )
Description: The NTI IScheduleSvc service terminated unexpectedly. It has done this 1 time(s).

CodeIntegrity Errors:
===================================
Date: 2012-01-22 17:26:46.682
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-01-22 17:26:46.651
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-01-22 17:20:15.160
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-01-22 17:20:15.129
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-01-22 17:18:03.812
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-01-22 17:18:03.797
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-01-22 17:15:59.421
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-01-22 17:15:59.393
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Name: PS/2 Mouse
Description: PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Logitech
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

And also is there a way to make my computer faster and less choppy/laggy

But not using programs such as TuneUP Utilities.

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:

• Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.

• Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.

• Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.

• Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.

• The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again.For routine use, the benefits to your computer are negligible while the potential risks are great.

The primary concern with using more than one anti-virus program is due to conflicts that can arise when they are running in real-time mode simultaneously. However, even when one of them is disabled for use as a stand-alone scanner, it can affect the other. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.

Each anti-virus will often interpret the activity of the other as a virus and there is a greater chance of them alerting you to a "False Positive". If one finds a virus and then the other also finds the same virus, both programs will be competing over exclusive rights on dealing with that virus. Each anti-virus will attempt to remove the offending file and quarantine it. If one finds and quarantines the file before the other one does, then you encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a virus has been found when that is not the case.

Anti-virus scanners use virus definitions to check for viruses and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself. Because of this, most anti-virus programs encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. However, some anti-virus vendors do not encrypt their definitions and will trigger false alarms if used while another resident anti-virus program is active.

To avoid these problems, use only one anti-virus solution. Deciding which one to remove is your choice.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan.
After the scan is complete click on "Clean"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Download Malwarebytes' Anti-Malware FreeHERE to your desktop.
- Do not accept the Free Trial Version at this time -
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Thread scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
How to open the log:
Open MalwareBytes Anti-Malware and then click on History
On the left column, select Application Logs. Select the most recent log among the list, it is usually the one on the top (or sort by date) and open it.
Go to the bottom left corner to Export and select Text File (*.txt)
Save it to the desktop

Be sure to restart the computer if requested.

Please download the ESET Online Scanner HERE and save it to your Desktop.
Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
Start esetsmartinstaller_enu.exe with administartor privileges.
Select the option Yes, I accept the Terms of Use and click on Start.
Make sure that the option Remove found threats is checked, and the option Scan archives is checked.
Now click on Advanced Settings and select the following:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology
Click on Start. The virus signature database will begin to download. This may take some time.
When completed the Online Scan will begin automatically.
Note: This scan might take a long time! Please be patient.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.
NOTE:Sometimes if ESET finds no infections it will not create a log.

Note: Do not forget to re-enable your antivirus application after running the above scan!